#!/usr/bin/env python
# -*- coding: utf-8 -*-
# @Time    : 2025/6/20 23:54
# @Author  : summer
# @Email   : 610658552@qq.com
# @File    : auth.py
# @Software: PyCharm
# @Desc    :

import jwt
from django.conf import settings
from jwt import exceptions
from rest_framework.authentication import BaseAuthentication
from rest_framework.exceptions import AuthenticationFailed


class JwtQueryParamsAuthentication(BaseAuthentication):
    def authenticate(self, request):
        token = request.query_params.get("token")
        if not token:
            return None
        salt = settings.SECRET_KEY
        payload = None
        # result = {'status': False, 'data': None, 'error': None}
        try:
            # 修改点：显式指定algorithms参数
            payload = jwt.decode(token, salt, algorithms=["HS256"], options={"verify_signature": True})
            # result['status'] = True
            # result['data'] = payload
        except exceptions.ExpiredSignatureError:
            raise AuthenticationFailed({"code": 10000, "msg": "token已失效"})
        except jwt.DecodeError:
            raise AuthenticationFailed({"code": 10001, "msg": "token认证失败"})
        except jwt.InvalidTokenError:
            AuthenticationFailed({"code": 10002, "msg": "非法token"})
        # print(f'ext.payload = {payload}')
        # print(f'ext.token = {token}')
        return payload, token


class JwtHeaderAuthentication(BaseAuthentication):
    def authenticate(self, request, *args, **kwargs):
        salt = settings.SECRET_KEY
        payload = None
        token = request.META.get("HTTP_AUTHORIZATION", "")
        # print(f'META token ={token}')
        if not token:
            return None
        try:
            # 修改点：显式指定algorithms参数
            payload = jwt.decode(token, salt, algorithms=["HS256"], options={"verify_signature": True})
            # result['status'] = True
            # result['data'] = payload
        except exceptions.ExpiredSignatureError:
            raise AuthenticationFailed({"code": 20000, "msg": "token已失效"})
        except jwt.DecodeError:
            raise AuthenticationFailed({"code": 20001, "msg": "token认证失败"})
        except jwt.InvalidTokenError:
            AuthenticationFailed({"code": 20002, "msg": "非法token"})
        # print(f'ext.payload = {payload}')
        # print(f'ext.token = {token}')
        return payload, token

    def authenticate_header(self, request):
        return "api"


class JwtBodyAuthentication(BaseAuthentication):
    def authenticate(self, request, *args, **kwargs):
        salt = settings.SECRET_KEY
        payload = None
        token = request.data.get("token")
        if not token:
            return None
        try:
            # 修改点：显式指定algorithms参数
            payload = jwt.decode(token, salt, algorithms=["HS256"], options={"verify_signature": True})
        except exceptions.ExpiredSignatureError:
            raise AuthenticationFailed({"code": 30000, "msg": "token已失效"})
        except jwt.DecodeError:
            raise AuthenticationFailed({"code": 30001, "msg": "token认证失败"})
        except jwt.InvalidTokenError:
            AuthenticationFailed({"code": 30002, "msg": "非法token"})
        # print(f'ext.payload = {payload}')
        # print(f'ext.token = {token}')
        return payload, token

    def authenticate_header(self, request):
        return "api"


class NoAuthentication(BaseAuthentication):
    def authenticate(self, request, *args, **kwargs):
        raise AuthenticationFailed({"code": 40000, "msg": "认证失败"})

    def authenticate_header(self, request):
        return "api"
